Aurelia Plumbar. Scam, or foul up?

[Excalibur]

Got this email today. As far as I know, nothing's been ordered. The file's in a format I can't open. As far as I can see no money's left any accounts.

Thank you for using our services!
Your order #2946167661 will be shipped on 04-09-2014.

Date: September 02, 2014. 12:24pm
Price: £172.19
Payment method: Wire transfer
Transaction number: 49ACD267923A

Please find the detailed information on your purchase in the attached file (item_2014-09-02_11-42-18_2946167661.arj)

Best regards,
Sales Department
Aurelia Plumbar
+07468 56 76 38


Thoughts?

[lazersounds]

From a website:

Order no. 26187973020 is another one from the current zbot runs which try to drop cryptolocker, ransomware and loads of other malware on your computer. They are using email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers.

[Corabar Entertainment]

Thoughts?

1. Never try to open ANYTHING you don't recognise

2. Since you tried:-

a. Make sure your virus definitions are up to date
b. Run a full scan, and
c. Download and run Malwarebytes to be sure!

3. Never, ever, ever, do anything like that again!

[Excalibur]

3. Never, ever, ever, do anything like that again!

Yes Miss.

[Jim - Scotland's Party DJ]

I feel you - I got an e-mail the other day mentioning something about a direct debit in the title which promptly went into the bin.

I then sussed out that it was something to do with a sizeable DJ Kit order I'd recently made on credit and I can't get the e-mail back

[DJColsie]

Got this email today. As far as I know, nothing's been ordered. The file's in a format I can't open. As far as I can see no money's left any accounts.

Thank you for using our services!
Your order #2946167661 will be shipped on 04-09-2014.

Date: September 02, 2014. 12:24pm
Price: £172.19
Payment method: Wire transfer
Transaction number: 49ACD267923A

Please find the detailed information on your purchase in the attached file (item_2014-09-02_11-42-18_2946167661.arj)

Best regards,
Sales Department
Aurelia Plumbar
+07468 56 76 38


Thoughts?

I work in a bank for my 9-5 and we had two people come in yesterday having received the exact same email. They were concerned that money had gone from their account but in both cases this was not the case!

[Creature]

arj - is a compression format that comepeted with .zip

You dont here about it much these days ( still going - http://www.arjsoftware.com/),

the torrent boys loved it and it could be more secure than .zip files at the time.

your hint here that email is a scam, why is it compressed? if it was genuine it would probally be in adobe or other format but never compressed

Also your name is not there

and also probally there email addy will give it away

As been said dont reconise it - dont open it

[DazzyD]

1. Never try to open ANYTHING you don't recognise

2. Since you tried:-

a. Make sure your virus definitions are up to date
b. Run a full scan, and
c. Download and run Malwarebytes to be sure!

3. Never, ever, ever, do anything like that again!

What Angela said!!

From my work against scams, this one is pretty basic but we are hearing more and more reports about it. I was going to write a paragraph on this sort of thing but it's easy to get more info from Google on these specific threats and new breeds of malware. Just make sure you only click through to reputable websites. Security firm websites, such as Kaspersky, BitDefender and AVG are usually a good source of info.

But we can't stress this enough. Never, ever, ever click on an attachment or link in email that you weren't expected, haven't requested or haven't heard of. That's what your "move to trash" facility is for. The only exception to this rule is if you know what "sandboxing" is all about!

[Excalibur]

The only exception to this rule is if you know what "sandboxing" is all about!

Am I close?

[DazzyD]

Am I close?

Actually, not too far away in principle!

Sandboxing is running applications or files within a "sandbox", a program or OS environment which keeps the process separate from the main OS and other programs so that it can't have an effect on the system. It means that when you run the program or file it can't affect anything else on the system, for example, malware or malicious code can't reach any other part of the system and, therefore, can't do any harm.

It's how we test these suspicious email attachments and also how anti-virus software manufacturers test their programs for identifying real threats.

http://en.wikipedia.org/wiki/Sandbox...er_security%29

Oh, I was just checking my own email inbox a short while ago and came across this:

Thank you for using our services!
Your order #57679658480 will be shipped on 04.09.2014.

Date: September 03, 2014. 09:58am
Price: £159.30
Payment method: Credit card
Transaction number: B1DF17C2666CDA31

Please find the detailed information on your purchase in the attached file (sale_2014-09-03_09-27-27_57679658480.arj)

Best regards,
Sales Department
Nu Solar
+07624 451364

There is also an .arj attachment. Look familiar to anyone??? It's now binned!!

EDIT:

Curiosity got the better of me and I decided to do a couple of security scans on this attachment. I'm really puzzled as both AVG and MBAM both found nothing. Hmm. I'm still convinced it's malware, though!